Note: This is an archival copy of Security Sun Alert 264808 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com
as Sun Alert 1020787.1.

Security Vulnerability in Solaris Trusted Extensions Involving the Parsing of Labeled Packets May Result in Denial of Service (DoS)

CategorySecurity

CategoryAvailability

Release PhaseResolved

Bug Id
6794914

ProductSolaris 10 Operating System
OpenSolaris

Date of Resolved Release29-Jul-2009

A remote user may be able to panic systems configured with Solaris Trusted Extensions ... (see below)

1. Impact

A security vulnerability in Solaris Trusted Extensions when parsing labeled packets may allow a remote privileged user to be able to panic the system which is a type of Denial of Service (DoS).

2. Contributing Factors

This issue can occur on the following releases:

SPARC platform

Solaris 10 Update 3 (11/06) or later without patch 141414-06

OpenSolaris based upon builds snv_37 through snv_120

x86 Platform

Solaris 10 Update 3 (11/06) or later without patch 141415-06

OpenSolaris based upon builds snv_37 through snv_120

Notes: Solaris 8 and 9 are not impacted by this issue.

This issue only impacts systems which have Solaris Trusted Extensions installed and running.
To determine if Trusted Extensions is installed and running on a host, execute the
following command in the global zone:

$ svcs labeld online 16:19:20 svc:/system/labeld:default

If Trusted Extensions is configured and running, the labeld service will have an instance in the online state.

3. Symptoms

If this issue occurs, the system may panic with a stack trace similar to the following: